Bot? / pf question
Ryan Coleman
ryan.coleman at cwis.biz
Wed Jan 5 19:51:48 UTC 2011
Yes and no. You want to leave ftp open, too, just in case for port upgrading/downloading, plus you would want to do monitoring across the wire (Nagios or something, maybe?). You could, though, do a dual-NIC setup and have one be a private network LAN for the servers if you aren't already considering it.
On Jan 5, 2011, at 1:48 PM, Mark Moellering wrote:
> Since I am going to be setting up a mail server sometime next week and have to keep things like this in mind;
> would it make sense to run pf and block all outbound traffic that isn't on port 25 ( port 995 , etc) and force any web administration programs onto a port other than 80 to help with this sort of thing? Any other thoughts on how to make sure future installations can be kept secure?
>
> As always, thanks in advance to everyone,
>
> Mark Moellering
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list